[Mimedefang] Re: MIMEDefang HOWTO

Jeremy Mates jmates at sial.org
Thu Dec 26 16:25:01 EST 2002


* Sean Ellis <sellis at telus.net> [2002-12-26T12:48-0800]:
> What works for me in moments of apprehension like this is to do a dry
> run on test machine. Note down everything everything that you do
> along the way (the `script` command might be useful). When you're
> happy with it, and during a low-traffic time slot, redo the procedure
> on the "live" unit.

I'd also recommend doing the sendmail 8.11 -> 8.12 upgrade first on a
non-production system, especially if this is your first time using
8.12.  The security changes in 8.12 (no suid bit) change a number of
operational details that can easily throw your upgrade off.

MIMEDefang can easily be added to a production sendmail with MILTER
support; simply configure /etc/mail/mimedefang-filter to report only,
and make sure you call mimedefang.pl such that mail still flows if
mimedefang is having issues.  In your .mc file for sendmail.cf:

INPUT_MAIL_FILTER(`mimedefang', `S=unix:/var/spool/MIMEDefang/mimedefang.sock, T=S:5m;R:5m')
define(`confMILTER_LOG_LEVEL', 1)

Sample log-only configuration (except for viruses tagged by clamav,
which are blocked.  A few of my users have a steady supply of Klez I
wanted to get rid of while gathering data):

http://www.sial.org/sendmail/doc/mimedefang-filter.logonly

-- 
Jeremy Mates                                        http://www.sial.org/

OpenPGP: 0x11C3D628  (4357 1D47 FF78 24BB 0FBF 7AA8 A846 9F86 11C3 D628)



More information about the MIMEDefang mailing list